Ios Security Vulnerabilities and Issues — Ios CVE List

Lucene search

CiscoIos

11 matches found

CVE•added 2009/09/28 7:30 p.m.•48 views

CVE-2009-2867

Unspecified vulnerability in Cisco IOS 12.2XNA, 12.2XNB, 12.2XNC, 12.2XND, 12.4T, 12.4XZ, and 12.4YA, when Zone-Based Policy Firewall SIP Inspection is enabled, allows remote attackers to cause a denial of service (device reload) via a crafted SIP transit packet, aka Bug ID CSCsr18691.

7.8CVSS6.4AI score0.00798EPSS

CVE•added 2009/09/28 7:30 p.m.•47 views

CVE-2009-2866

Unspecified vulnerability in Cisco IOS 12.2 through 12.4 allows remote attackers to cause a denial of service (device reload) via a crafted H.323 packet, aka Bug ID CSCsz38104.

7.8CVSS6.4AI score0.01683EPSS

CVE•added 2009/09/28 7:30 p.m.•47 views

CVE-2009-2873

Cisco IOS 12.0 through 12.4, when IP-based tunnels and the Cisco Express Forwarding feature are enabled, allows remote attackers to cause a denial of service (device reload) via malformed packets, aka Bug ID CSCsx70889.

7.1CVSS6.6AI score0.00781EPSS

CVE•added 2009/09/28 7:30 p.m.•45 views

CVE-2009-2865

Buffer overflow in the login implementation in the Extension Mobility feature in the Unified Communications Manager Express (CME) component in Cisco IOS 12.4XW, 12.4XY, 12.4XZ, and 12.4YA allows remote attackers to execute arbitrary code or cause a denial of service via crafted HTTP requests, aka B...

7.6CVSS8AI score0.03258EPSS

CVE•added 2009/09/28 7:30 p.m.•45 views

CVE-2009-2868

Unspecified vulnerability in Cisco IOS 12.2 through 12.4, when certificate-based authentication is enabled for IKE, allows remote attackers to cause a denial of service (Phase 1 SA exhaustion) via crafted requests, aka Bug IDs CSCsy07555 and CSCee72997.

7.8CVSS6.7AI score0.00451EPSS

CVE•added 2009/09/28 7:30 p.m.•43 views

CVE-2009-2871

Unspecified vulnerability in Cisco IOS 12.2 and 12.4, when SSLVPN sessions, SSH sessions, or IKE encrypted nonces are enabled, allows remote attackers to cause a denial of service (device reload) via a crafted encrypted packet, aka Bug ID CSCsq24002.

7.8CVSS6.4AI score0.00726EPSS

CVE•added 2009/09/28 7:30 p.m.•42 views

CVE-2009-2869

Unspecified vulnerability in Cisco IOS 12.2XNA, 12.2XNB, 12.2XNC, 12.2XND, 12.4MD, 12.4T, 12.4XZ, and 12.4YA allows remote attackers to cause a denial of service (device reload) via a crafted NTPv4 packet, aka Bug IDs CSCsu24505 and CSCsv75948.

7.8CVSS6.4AI score0.01653EPSS

CVE•added 2009/09/28 7:30 p.m.•41 views

CVE-2009-2862

The Object Groups for Access Control Lists (ACLs) feature in Cisco IOS 12.2XNB, 12.2XNC, 12.2XND, 12.4MD, 12.4T, 12.4XZ, and 12.4YA allows remote attackers to bypass intended access restrictions via crafted requests, aka Bug IDs CSCsx07114, CSCsu70214, CSCsw47076, CSCsv48603, CSCsy54122, and CSCsu5...

4.3CVSS6.6AI score0.00521EPSS

CVE•added 2009/09/28 7:30 p.m.•41 views

CVE-2009-2870

Unspecified vulnerability in Cisco IOS 12.2 through 12.4, when the Cisco Unified Border Element feature is enabled, allows remote attackers to cause a denial of service (device reload) via crafted SIP messages, aka Bug ID CSCsx25880.

7.8CVSS6.4AI score0.00726EPSS

CVE•added 2009/09/28 7:30 p.m.•39 views

CVE-2009-2863

Race condition in the Firewall Authentication Proxy feature in Cisco IOS 12.0 through 12.4 allows remote attackers to bypass authentication, or bypass the consent web page, via a crafted request, aka Bug ID CSCsy15227.

7.1CVSS6.6AI score0.00406EPSS

CVE•added 2009/09/28 7:30 p.m.•36 views

CVE-2009-2872

6.8CVSS6.6AI score0.01117EPSS